While installing a new distro, the installer asked me what groups to add the user to. One of them was "sys," and seemed to give the user unlimited administrative privileges if I understood it correctly (perhaps not). What's the effective difference between adding a user to sys and putting a user's name in the sudoers list?

While I think of this, I have also seen that there is a "sudo" user group. Is there any difference between that and adding a user to sudoers? It sounds like two ways to do the same thing.

Comparatively, 'root' is both a 'user' and an effective 'group'; while 'sys' is an /*optional*/ and less privileged group mainly given for security and compatibility reasons, (it is not an effective user) just like the group 'daemon' which may exist or may not exist and as such it cannot affect the functioning of the entire system. Mostly files given gid of ' 3 ' or 'sys' group are read-only or read-write, but not executable temporary files that are created by processes spawned by daemons like cups and udev. You can check it this way--
but if you seek it from system files like--
it returns none.

Other than being logged-in as 'root' user, 'sudo' (or 'su' ) is the only way to obtain and be empowered as the effective super-user. You have to be allowed by the /etc/sudoers configuration in order to gain superuser rights; being a member to group 'root' does not necessarily empower you to be equal to an effective root: usefulness of group membership inherits only whatever permission is set to gid of a given file (be it binary or not) which means if a binary file is set 744 group members cannot execute the file, be he root or not, but the owner can be he root or not.

Actually 'sudo' and 'sys' (group) membership do not confer equal rights; as much as they are not the same.

HOpe this helps.

Good luck.

1 members found this post helpful.